From a412f629c225f900dcbfa1866923e2767bf3bfc5 Mon Sep 17 00:00:00 2001
From: Nick Vollmar
Date: Mon, 23 Sep 2019 11:22:53 -0500
Subject: [PATCH] TUN-2334: remove tlsConfig.ServerName special case
---
 tlsconfig/certreloader.go | 9 +++------
 tlsconfig/tlsconfig_test.go | 2 --
 2 files changed, 3 insertions(+), 8 deletions(-)
diff --git a/tlsconfig/certreloader.go b/tlsconfig/certreloader.go
index 5ce83934..f8e1fdca 100644
--- a/tlsconfig/certreloader.go
+++ b/tlsconfig/certreloader.go
@@ -5,7 +5,6 @@ import (
 "crypto/x509"
 "fmt"
 "io/ioutil"
- "net"
 "runtime"
 "sync"

@@ -18,6 +17,8 @@ import (
 const (
 OriginCAPoolFlag = "origin-ca-pool"
 CaCertFlag = "cacert"
+
+ edgeTLSServerName = "cftunnel.com"
 )

 // CertReloader can load and reload a TLS certificate from a particular filepath.
@@ -126,7 +127,7 @@ func CreateTunnelConfig(c *cli.Context) (*tls.Config, error) {
 rootCAs = append(rootCAs, c.String(CaCertFlag))
 }

- userConfig := &TLSParameters{RootCAs: rootCAs}
+ userConfig := &TLSParameters{RootCAs: rootCAs, ServerName: edgeTLSServerName}
 tlsConfig, err := GetConfig(userConfig)
 if err != nil {
 return nil, err
@@ -142,10 +143,6 @@ func CreateTunnelConfig(c *cli.Context) (*tls.Config, error) {
 rootCAPool.AddCert(cert)
 }
 tlsConfig.RootCAs = rootCAPool
- tlsConfig.ServerName = "cftunnel.com"
- } else if edgeAddrs := c.StringSlice("edge"); len(edgeAddrs) > 0 {
- // Set for development environments and for testing specific origintunneld instances
- tlsConfig.ServerName, _, _ = net.SplitHostPort(edgeAddrs[0])
 }

 if tlsConfig.ServerName == "" && !tlsConfig.InsecureSkipVerify {
diff --git a/tlsconfig/tlsconfig_test.go b/tlsconfig/tlsconfig_test.go
index 2f8067da..26eb1056 100644
--- a/tlsconfig/tlsconfig_test.go
+++ b/tlsconfig/tlsconfig_test.go
@@ -1,5 +1,3 @@
-// TODO: Remove the above build tag and include this test when we start compiling with Golang 1.10.0+
-
 package tlsconfig

 import (
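Review bot: The new `edgeTLSServerName` constant in the `const` block has no comment, although it now fixes the name that the edge certificate is verified against for every config built by CreateTunnelConfig. I would add `// edgeTLSServerName is the name the edge certificate is verified against, regardless of the address dialed.` above it, because after this commit an address given with `--edge` no longer influences verification. It also sits next to two CLI flag names, so a reader may take it for a third flag; a separate `const` declaration would make the difference clear.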
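Review bot: Passing `ServerName: edgeTLSServerName` into `TLSParameters` here appears to make the later guard `if tlsConfig.ServerName == "" && !tlsConfig.InsecureSkipVerify {` (visible as context in the next hunk) unreachable, assuming GetConfig copies ServerName through; GetConfig is not shown in this patch. If the guard is kept as a defensive check, it deserves a comment such as `// Defensive: ServerName is always set above; fail closed if GetConfig ever drops it.` so nobody removes it as dead code. The test file change only removes a comment, so nothing pins the new behaviour; an assertion that the returned config has `ServerName == edgeTLSServerName` would catch a regression that silently weakens hostname verification. CreateTunnelConfig starts and ends outside this hunk.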